<?php
include __DIR__ . "/config/cors.php";
include __DIR__ . "/database.php";

$role = @$_COOKIE['role'];
if (!isset($role) or $role != "admin") {
    echo json_encode([
        "code" => 401,
        "message" => "无权访问！"
    ]);
    exit;
}

$db = new DB();
$sql = "select review.id, news.title, review.context, review.time, user.username
        from review, user, news
        where review.uid = user.id and review.nid = news.id
        order by review.time desc";
$data = $db->selectAll($sql);
if (is_array($data) and count($data) > 0) {
    echo json_encode([
        "code" => 200,
        "message" => "查询成功",
        "data" => $data
    ]);
} else {
    echo json_encode([
        "code" => 202,
        "message" => "查询结果为空"
    ]);
}
